Skip to the main content.
Contact
Contact

Blog

Be in touch with our latest news

offensivesecurity

3 min read

Control Gap Vulnerability Roundup: August 6th to August 12th

This week saw the publication of 576 new CVE IDs. Of those, 80 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 18% were of critical severity, 39% were high, 39% were medium, and 5% were low. Listed below are...

Read More >

3 min read

Control Gap Vulnerability Roundup: July 30th to August 5th

This week saw the publication of 449 new CVE IDs. Of those, 315 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 19% were of critical severity, 22% were high, 59% were medium, and 1% were low. Listed below...

Read More >

3 min read

Control Gap Vulnerability Roundup: July 23rd to 29th

This week saw the publication of 465 new CVE IDs. Of those, 356 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 6% were of critical severity, 37% were high, 52% were medium, and 5% were low. Listed below are...

Read More >

3 min read

Control Gap Vulnerability Roundup: July 16th to 22nd

This week saw the publication of 579 new CVE IDs. Of those, 356 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 6% were of critical severity, 37% were high, 52% were medium, and 5% were low. Listed below are...

Read More >

4 min read

Control Gap Vulnerability Roundup: July 8th to 15th

This week saw the publication of 561 new CVE IDs. Of those, 441 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 26% were of critical severity, 34% were high, 40% were medium, and 0% were low. Listed below...

Read More >

22 min read

Installer Misconfigurations and Weak Folder Permissions: A Sage 300 Case Study

In modern cyberattacks, threat actors will often begin their attacks against enterprises by obtaining low-privileged access to a single system in the internal IT environment through phishing, VPN access, or successful exploits against perimeter systems....

Read More >

3 min read

Control Gap Vulnerability Roundup: July 1st to 8th

This week saw the publication of 330 new CVE IDs. Of those, 296 have not yet been assigned official CVSS scores, however, of the ones that were, approximately 21% were of critical severity, 48% were high, 31% were medium, and 0% were low. Listed below...

Read More >

2 min read

Our Offensive Security Hiring Process

Control Gap is expanding our Offensive Security team and looking for talented individuals. To ensure that we have the right team, we needed a better way to evaluate potential candidates. Interviews are only one lens to get to know a person. However, we...

Read More >

2 min read

The MS Exchange - World-Wide Exploitation

For organizations running on-premise Microsoft Exchange servers, we want to make you aware of four severe zero-day vulnerabilities announced on March 2nd, 2021. Attackers are using these vulnerabilities to obtain SYSTEM level access, execute arbitrary...

Read More >